#!/bin/sh
#
# Do an 'ssh' using public key authentication.
#
# enchroot is free software: you can redistribute it and/or modify
# it under the terms of the GNU Lesser Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# enchroot is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Lesser Public License for more details.
#
# You should have received a copy of the GNU Lesser Public License
# along with enchroot. If not, see <http://www.gnu.org/licenses/>.
#
# Copyright (c) 2010 charles@kollar.com
#

SSHDIR=$HOME/.ssh
AUTHFILE=$SSHDIR/authorized_keys

#
# Check some assumptions...

if [ ! -d "$SSHDIR" ] ; then
  echo "Could not find directory $SSHDIR?"
  exit
fi

SSHDIR_FILEPERM="drwx------"
if [ "`ls -ld $SSHDIR | grep ^${SSHDIR_FILEPERM}`" == ""  ] ; then
  echo "File permissions on $SSHDIR are set wrong?"
  echo "They should be '$SSHDIR_FILEPERM'. "
  exit
fi

if [ ! -f "$AUTHFILE" ] ; then
  echo "Could not find file $AUTHFILE?"
  exit
fi

if [ ! -s "$AUTHFILE" ] ; then
  echo "You need a private key for the $AUTHFILE?"
  exit
fi

AUTH_FILEPERM="-rw-------"
if [ "`ls -ld $AUTHFILE | grep ^${AUTH_FILEPERM}`" == ""  ] ; then
  echo "File permissions on $AUTHFILE are set wrong?"
  echo "They should be '$AUTH_FILEPERM'. "
  exit
fi

#
# -2 use protocol version 2 only
# -X enable X11 forwarding
# -Y enable trusted X11 forwarding
# -v verbose
# -o an option in the format used in the configuration file
ssh -2vY -o 'PubkeyAuthentication yes' -o "IdentityFile $AUTHFILE" "$1"
